"Website fingerprinting" is a machine learning attack where an adversary observes a user's encrypted data traffic, and uses traffic timing and quantity to guess what website and/or webpage that user is visiting. This attack has high accuracy rates against all kinds of encrypted traffic: HTTPS webpages, VPN networks, and also against the Tor network. For this project, we developed a framework for rapidly developing, evaluating, and deploying defenses to defend against website fingerprinting attacks for the Tor network. The framework adds additional cover traffic to connections to obscure user activity, without delaying real website content or impacting user experience. We used this framework to deploy defenses to the live Tor network, and also to prototype and evaluate several more defenses for research purposes. While this framework is designed for the Tor network, it is applicable to any packet-based encrypted network protocol. Additionally we developed a lightweight defense simulator, to reduce the time and costs involved in the evaluation, scientific reproducibility, and deployment of defenses. Previously, it was often hard to tell if independent implementations of various attacks and defenses were true-to-form or even properly calibrated for direct comparison in a realistic live network setting. Discrepancies in results across the literature suggest that previous research papers in the area suffer from these problems. With the project's framework for creating padding defenses, as well as a realistic and reproducible simulator for evaluating them, future research will enjoy improved evaluation and scientific reproducibility for lower cost. Moreover, the specific design choice to frame defense development as an optimization problem will support new avenues of future research in defenses against website fingerprinting attacks as well.
Comments
Please register or sign in to add a comment.